Source
kitploit
Lightweight UNIX backdoor for ethical hacking. Useful for red team engagements and CTFs. Something I wrote a few years ago as part of a game I was playing with a friend: we tried to backdoor as many VMs in each other's labs as we could without being caught or having our tools reverse-engineered and signatured. *Features* JadedWraith is a powerful backdoor capable of either listening on a TCP port or sniffing packets for a "magic" ICMP packet instructing the backdoor to either call back or listen. This is partly inspired by tools such as PRISM; however, unlike PRISM, JadedWraith incorporates shoddy cryptography to obfuscate command and control. JadedWraith can be used to execute remote commands or upload follow-on payloads. JadedWraith can be compiled as a standalone executable or as a shared object for process injection. *Components* The source code for the actual implant can be found inside the src directory. client contains a simple Python-based client for interacting with JadedWraith. The conf_jaw...
(Chinese version available) *About DongTai IAST* DongTai IAST is an open-source passive interactive application security testing (IAST) product. It uses dynamic hooks and taint-tracking algorithms to achieve *universal vulnerability detection* and *multi-request correlated vulnerability detection (including but not limited to unauthenticated-access and privilege-escalation, i.e. broken access control, vulnerabilities)*, *third-party component vulnerability detection*, etc. Currently, applications in Java and Python are supported for vulnerability detection. *Architecture* DongTai IAST has multiple basic services, including DongTai-web, DongTai-webapi, DongTai-openapi, DongTai-engine, agent, DongTai-deploy, DongTai-Base-Image and DongTai-Plugin-IDEA: * DongTai-web is the product page of DongTai, which handles the interaction between users and DongTai. * DongTai-webapi is responsible...
<p><a href="https://1.bp.blogspot.com/-p5_2_IEv9P8/YUuqKRcI1rI/AAAAAAAAvSg/hsnZHGNuRTEP9G-_v8lbWCSQYvVXbj3XQCNcBGAsYHQ/s1350/QueenSono_2_qssono-trunc.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="571" data-original-width="1350" height="270" src="https://1.bp.blogspot.com/-p5_2_IEv9P8/YUuqKRcI1rI/AAAAAAAAvSg/hsnZHGNuRTEP9G-_v8lbWCSQYvVXbj3XQCNcBGAsYHQ/w640-h270/QueenSono_2_qssono-trunc.gif" width="640" /></a></p><div><br /></div> <p style="text-align: left;"> QueenSono relies only on the fact that the ICMP protocol isn't monitored, which is quite common. It can also be used against a system with basic ICMP inspection (i.e. a frequency and content-length watcher). It tries to imitate <a href="https://github.com/ytisf/PyExfil" rel="nofollow" target="_blank" title="PyExfil">PyExfil</a> (and others), with the idea that the target machine does not necessarily have Python installed (so providing a binary can be useful)</p...
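<p>The "magic" ICMP trigger described for JadedWraith above and the ICMP channel QueenSono uses, together with the basic frequency and content-length inspection it says it can survive, are easier to reason about with packets in hand. The Python below is an added example, not code from either project: it builds and parses ICMP echo messages, gates a constructed trigger payload with a truncated HMAC (the <code>JW</code> marker, the 16-byte tag and the shared key are assumptions, not JadedWraith's real wire format), cuts data into default-ping-sized echoes the way an exfil tool would, and runs a length-and-frequency watcher over the result. All packets and data are constructed inline; nothing is sent on the wire.</p>

```python
# Added example: ICMP echo construction/parsing, an HMAC-gated trigger,
# chunked ICMP exfil and a length/frequency inspector. Constructed data only.
import hashlib
import hmac
import struct
from collections import defaultdict, deque

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0
MAGIC = b"JW"    # assumed marker; not JadedWraith's real format
TAG_LEN = 16     # truncated HMAC-SHA256 tag that follows the marker


def icmp_checksum(data):
    """RFC 1071 one's-complement sum over the ICMP header plus payload."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(ident, seq, payload, icmp_type=ICMP_ECHO_REQUEST):
    """Serialise an ICMP echo message (no IP header): type, code, csum, id, seq, data."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident & 0xFFFF, seq & 0xFFFF)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident & 0xFFFF, seq & 0xFFFF) + payload


def parse_icmp(pkt):
    """Split an ICMP message into its fields and recompute the checksum."""
    if len(pkt) < 8:
        raise ValueError("ICMP message shorter than the 8-byte header")
    icmp_type, code, csum, ident, seq = struct.unpack("!BBHHH", pkt[:8])
    recomputed = icmp_checksum(pkt[:2] + b"\x00\x00" + pkt[4:])
    return {"type": icmp_type, "code": code, "id": ident, "seq": seq,
            "payload": pkt[8:], "checksum_ok": recomputed == csum}


def make_magic_payload(key, command):
    """Trigger payload: MAGIC || HMAC(key, MAGIC||command)[:16] || command."""
    tag = hmac.new(key, MAGIC + command, hashlib.sha256).digest()[:TAG_LEN]
    return MAGIC + tag + command


def check_magic(key, payload):
    """Return the command if the payload is an authentic trigger, else None."""
    if not payload.startswith(MAGIC) or len(payload) < len(MAGIC) + TAG_LEN:
        return None
    tag = payload[len(MAGIC):len(MAGIC) + TAG_LEN]
    command = payload[len(MAGIC) + TAG_LEN:]
    expected = hmac.new(key, MAGIC + command, hashlib.sha256).digest()[:TAG_LEN]
    return command if hmac.compare_digest(tag, expected) else None


def chunk_for_exfil(data, size=56):
    """Cut data into fixed 56-byte payloads so each echo matches a default Linux ping."""
    for i in range(0, len(data), size):
        yield data[i:i + size].ljust(size, b"\x00")


class ICMPInspector:
    """Basic content-length and frequency watcher, tracked per source address."""

    def __init__(self, normal_lengths=(32, 56), max_per_window=10, window_s=10.0):
        self.normal_lengths = set(normal_lengths)  # default Windows / Linux ping sizes
        self.max_per_window = max_per_window       # assumed threshold
        self.window_s = window_s
        self.history = defaultdict(deque)

    def inspect(self, src, pkt, now):
        """Return the reasons this packet looks suspicious (empty list if none)."""
        info = parse_icmp(pkt)
        reasons = []
        if info["type"] not in (ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY):
            return reasons
        if not info["checksum_ok"]:
            reasons.append("bad checksum")
        if len(info["payload"]) not in self.normal_lengths:
            reasons.append("unusual payload length %d" % len(info["payload"]))
        seen = self.history[src]
        seen.append(now)
        while seen and now - seen[0] > self.window_s:
            seen.popleft()
        if len(seen) > self.max_per_window:
            reasons.append("%d echoes in %.0fs" % (len(seen), self.window_s))
        return reasons


def demo_exfil_vs_inspector():
    """Push a constructed 1000-byte file through 56-byte echoes and count what gets flagged."""
    inspector = ICMPInspector()
    secret = b"S" * 1000  # constructed sample data
    length_flags = rate_flags = 0
    for seq, chunk in enumerate(chunk_for_exfil(secret)):
        reasons = inspector.inspect("10.0.0.7", build_echo(0x4A57, seq, chunk), now=seq * 0.1)
        length_flags += any("length" in r for r in reasons)
        rate_flags += any("echoes" in r for r in reasons)
    return {"packets": seq + 1, "length_flags": length_flags, "rate_flags": rate_flags}


if __name__ == "__main__":
    key = b"constructed-shared-secret"
    trigger = build_echo(1, 1, make_magic_payload(key, b"callback 10.0.0.5:4444"))
    print("trigger command:", check_magic(key, parse_icmp(trigger)["payload"]))
    print(demo_exfil_vs_inspector())
```

<p>Chunking to 56 bytes slips past the length check but not the rate check: 18 echoes in under two seconds exceed the assumed 10-per-10-second threshold, which is why a watcher needs both dimensions, and why the trigger payload is authenticated rather than matched on a bare marker that anyone who captured one packet could replay.</p>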
<p><a href="http://2.bp.blogspot.com/-RfSp1Prm8Ns/YUOxaTgLFfI/AAAAAAAAvAE/SN4RCzdEi0Y5JMgSOfk7QtJ4oTb9HJ_hACK4BGAYYCw/s1600/PoW-Shield_7_screenshot-773941.jpeg" style="text-align: center;"><img alt="" border="0" height="290" id="BLOGGER_PHOTO_ID_7008640510588556786" src="http://2.bp.blogspot.com/-RfSp1Prm8Ns/YUOxaTgLFfI/AAAAAAAAvAE/SN4RCzdEi0Y5JMgSOfk7QtJ4oTb9HJ_hACK4BGAYYCw/w640-h290/PoW-Shield_7_screenshot-773941.jpeg" width="640" /></a></p><p><br /></p> <p>Project dedicated to providing DDoS <a href="https://www.kitploit.com/search/label/Protection" target="_blank" title="protection">protection</a> with proof of work</p><span><a name='more'></a></span><p style="text-align: center;"><br /></p><span style="font-size: large;"><b>Description</b></span><br /> <p>PoW Shield provides DDoS protection at the OSI application layer by acting as a proxy that requires proof of work between the end user and the backend service. This project aims to provide an alternative to general captcha methods su...
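<p>To make the proof-of-work exchange concrete, here is an added Python example of both sides (this is not PoW Shield's code): the proxy issues an HMAC-signed challenge that binds the client address, a nonce, the issue time and the difficulty; the client brute-forces a counter; the proxy then checks the signature, expiry, replay and the work before forwarding. The <code>PowGate</code> name, the <code>nonce:counter</code> hashing scheme, the 16-bit default difficulty and the 60-second TTL are assumptions.</p>

```python
# Added example: stateless proof-of-work gate for an application-layer proxy.
import hashlib
import hmac
import os
import secrets
import time


def leading_zero_bits_ok(digest, bits):
    """True if the first `bits` bits of a 32-byte SHA-256 digest are zero."""
    return int.from_bytes(digest, "big") >> (256 - bits) == 0


def solve_challenge(challenge):
    """Client side: find the smallest counter with sha256(nonce:counter) meeting the difficulty."""
    prefix = (challenge["nonce"] + ":").encode()
    counter = 0
    while not leading_zero_bits_ok(hashlib.sha256(prefix + str(counter).encode()).digest(),
                                   challenge["bits"]):
        counter += 1
    return counter


class PowGate:
    """Proxy side. Challenges are HMAC-signed so no per-client state is needed to
    recognise them; only spent nonces are remembered, and only until they expire."""

    def __init__(self, difficulty_bits=16, ttl_s=60, secret=None):
        self.secret = secret or os.urandom(32)
        self.difficulty_bits = difficulty_bits
        self.ttl_s = ttl_s
        self.spent = {}  # nonce -> expiry timestamp

    def _mac(self, client_ip, nonce, issued, bits):
        msg = "%s|%s|%d|%d" % (client_ip, nonce, issued, bits)
        return hmac.new(self.secret, msg.encode(), hashlib.sha256).hexdigest()

    def issue_challenge(self, client_ip, now=None):
        """Hand the client a nonce, the difficulty and a signature over all of it."""
        issued = int(time.time() if now is None else now)
        nonce = secrets.token_hex(16)
        return {"nonce": nonce, "issued": issued, "bits": self.difficulty_bits,
                "mac": self._mac(client_ip, nonce, issued, self.difficulty_bits)}

    def verify(self, client_ip, challenge, counter, now=None):
        """Return (accepted, reason). Every check runs before the request is forwarded."""
        now = int(time.time() if now is None else now)
        try:
            nonce, issued = challenge["nonce"], int(challenge["issued"])
            bits, mac = int(challenge["bits"]), challenge["mac"]
        except (KeyError, TypeError, ValueError):
            return False, "malformed"
        # 1. Must be a challenge we issued to this client; the MAC also pins the
        #    difficulty, so a client cannot lower it.
        if not hmac.compare_digest(mac, self._mac(client_ip, nonce, issued, bits)):
            return False, "bad mac"
        # 2. Stale challenges are rejected so solutions cannot be stockpiled offline.
        if now - issued > self.ttl_s:
            return False, "expired"
        # 3. Each nonce is accepted once; prune expired entries to bound memory.
        self.spent = {n: exp for n, exp in self.spent.items() if exp > now}
        if nonce in self.spent:
            return False, "replay"
        # 4. Finally, check the work itself.
        digest = hashlib.sha256(("%s:%d" % (nonce, counter)).encode()).digest()
        if not leading_zero_bits_ok(digest, bits):
            return False, "insufficient work"
        self.spent[nonce] = issued + self.ttl_s
        return True, "ok"


if __name__ == "__main__":
    gate = PowGate(difficulty_bits=16)
    challenge = gate.issue_challenge("203.0.113.5")
    answer = solve_challenge(challenge)
    print("client found counter", answer)
    print("first submission:", gate.verify("203.0.113.5", challenge, answer))
    print("replayed submission:", gate.verify("203.0.113.5", challenge, answer))
```

<p>Because the difficulty is signed into the challenge, the proxy can raise it under load for new challenges while still verifying outstanding ones at the difficulty they were issued with; the client pays the cost in CPU, the proxy pays one HMAC and one SHA-256 per request.</p>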
<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-tAJa4MDz_Co/YUuoLt01PoI/AAAAAAAAvSU/CkAAccSSGBI6r6apc9d3cLcmRkAjTTyCgCNcBGAsYHQ/s702/some_words.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="408" data-original-width="702" height="373" src="https://1.bp.blogspot.com/-tAJa4MDz_Co/YUuoLt01PoI/AAAAAAAAvSU/CkAAccSSGBI6r6apc9d3cLcmRkAjTTyCgCNcBGAsYHQ/w640-h373/some_words.png" width="640" /></a></div><p><br /></p> <p>Turns any junk text into a usable wordlist for brute-forcing.</p><span><a name='more'></a></span><div><br /></div><span style="font-size: large;"><b>Installation</b></span><br /> <div class="snippet-clipboard-content position-relative" data-snippet-clipboard-copy-content="go install github.com/hakluke/haklistgen@latest "><pre><code>go install github.com/hakluke/haklistgen@latest<br /></code></pre></div> <br /><span style="font-size: large;"><b>Usage Examples</b></span>...
<p style="text-align: center;"><a href="http://4.bp.blogspot.com/-yFVraZ4ayBc/YUOytTNxstI/AAAAAAAAvEw/FfSD64jzyosun8jGtq-ULDYgpSYkO7lwgCK4BGAYYCw/s1600/Reconky-Automated_Bash_Script_1_Recon-705128.gif"><img alt="" border="0" height="356" id="BLOGGER_PHOTO_ID_7008641936440537810" src="http://4.bp.blogspot.com/-yFVraZ4ayBc/YUOytTNxstI/AAAAAAAAvEw/FfSD64jzyosun8jGtq-ULDYgpSYkO7lwgCK4BGAYYCw/w640-h356/Reconky-Automated_Bash_Script_1_Recon-705128.gif" width="640" /></a></p><div><br /></div> <p>Reconky is a Bash script that automates recon and information gathering. It collects information that helps you decide what to do next and where to look on the target.</p><span><a name='more'></a></span><div><br /></div><span style="font-size: x-large;"><b>Usage</b></span><br /><p><code>./reconky.sh &lt;domain.com&gt;</code></p><div><code><br /></code></div><span style="font-size: x-large;"><b>Main-Features</b></span><br /> <ul> <li...
<p style="text-align: center;"><a href="https://1.bp.blogspot.com/-uBauZSD-Bhk/YUseN81_vXI/AAAAAAAAvSM/EC84hZKBoEwOsqwKqEIWBK4gLBDaa3zKgCNcBGAsYHQ/s1099/jspanda_3_pollute.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="844" data-original-width="1099" height="492" src="https://1.bp.blogspot.com/-uBauZSD-Bhk/YUseN81_vXI/AAAAAAAAvSM/EC84hZKBoEwOsqwKqEIWBK4gLBDaa3zKgCNcBGAsYHQ/w640-h492/jspanda_3_pollute.png" width="640" /></a></p><p style="text-align: center;"><br /></p> <p>JSpanda is a client-side prototype pollution <a href="https://www.kitploit.com/search/label/Vulnerability" target="_blank" title="vulnerability">vulnerability</a> scanner. It has two key features: scanning the supplied URLs for the vulnerability and analyzing the source code of the JavaScript libraries they load.</p> <p>However, JSpanda cannot detect advanced prototype pollution vulnerabilities.</p><span><a name='more'></a></span><div><br /></div><span style="font-size: large;"><b><stron...
<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-Ady00T1Rchw/YUq1gcP9-OI/AAAAAAAAvR4/W7Kfw8YwuzM_w-8RcjOTBtXPkFoguK10wCNcBGAsYHQ/s1747/words.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="478" data-original-width="1747" height="176" src="https://1.bp.blogspot.com/-Ady00T1Rchw/YUq1gcP9-OI/AAAAAAAAvR4/W7Kfw8YwuzM_w-8RcjOTBtXPkFoguK10wCNcBGAsYHQ/w640-h176/words.png" width="640" /></a></div><br /> <p>wordlistgen is a tool that takes a list of URLs and returns a list of relevant words for your wordlists. <a href="https://www.kitploit.com/search/label/Wordlists" target="_blank" title="Wordlists">Wordlists</a> are much more effective when you take the application's context into consideration. <a href="https://www.kitploit.com/search/label/WordListGen" target="_blank" title="wordlistgen">wordlistgen</a> pulls out URL components, such as <a href="https://www.kitploit.com/search/label/Subd...
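<p>Both haklistgen above (junk text in, wordlist out) and wordlistgen (URLs in, context words out) come down to tokenising input, splitting compound tokens and de-duplicating while keeping order. The Python below is an added example that does both jobs and is not either tool's code. The token regex, the 2-character minimum length, splitting on <code>_</code>, <code>-</code> and <code>.</code>, and the choice to keep query values as well as keys are assumptions; the sample text and URLs are constructed.</p>

```python
# Added example: context-aware wordlist generation from junk text and from URLs.
import re
from urllib.parse import parse_qsl, unquote, urlsplit

TOKEN_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_\-\.]*")  # words, filenames, hostnames
SPLIT_RE = re.compile(r"[_\-\.]")                       # separators inside a token


class Wordlist:
    """Ordered, de-duplicated collector with an assumed minimum length."""

    def __init__(self, min_len=2):
        self.min_len = min_len
        self._seen = set()
        self.words = []

    def add(self, word):
        word = word.strip("._-")
        if len(word) >= self.min_len and word not in self._seen:
            self._seen.add(word)
            self.words.append(word)

    def add_with_parts(self, token):
        """Add the token, then its parts: setup_guide.pdf -> setup, guide, pdf."""
        self.add(token)
        parts = SPLIT_RE.split(token)
        if len(parts) > 1:
            for part in parts:
                self.add(part)


def words_from_text(text, min_len=2):
    """haklistgen-style: turn arbitrary text (page dumps, JS, docs) into candidates."""
    wl = Wordlist(min_len)
    for token in TOKEN_RE.findall(text):
        wl.add_with_parts(token)
    return wl.words


def words_from_urls(urls, min_len=2):
    """wordlistgen-style: hostname labels, path segments, file-name parts, query keys/values."""
    wl = Wordlist(min_len)
    for url in urls:
        parts = urlsplit(url.strip())
        for label in (parts.hostname or "").split("."):
            wl.add(label)
        for segment in parts.path.split("/"):
            if segment:
                wl.add_with_parts(unquote(segment))
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            wl.add_with_parts(key)
            wl.add_with_parts(value)
    return wl.words


if __name__ == "__main__":
    # Constructed sample input.
    print(words_from_text("Welcome to ACME Corp! Contact: admin@acme-corp.local"))
    print(words_from_urls(["https://api.dev.example.com/v1/users/export.json?format=csv"]))
```

<p>Feeding the output of <code>words_from_urls</code> back into a directory brute-forcer is the point of context-aware lists: <code>export</code>, <code>users</code> and <code>v1</code> are far more likely to exist on that host than generic dictionary entries.</p>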
<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-tGjIlM9LBZc/YUqO4Rh9sPI/AAAAAAAAvRs/bm1bfExG9XAPtJE5eSPbA7TGazin3GVsACNcBGAsYHQ/s741/secure_password.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="357" data-original-width="741" height="308" src="https://1.bp.blogspot.com/-tGjIlM9LBZc/YUqO4Rh9sPI/AAAAAAAAvRs/bm1bfExG9XAPtJE5eSPbA7TGazin3GVsACNcBGAsYHQ/w640-h308/secure_password.png" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><p></p> <p>This script securely encrypts or decrypts <a href="https://www.kitploit.com/search/label/Passwords" target="_blank" title="passwords">passwords</a> on disk within a custom database file, and can retrieve passwords from a previously generated database file. It takes a master password from stdin/from memory, then <a href="https://www.kitploit.com/search/...
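<p>What decides whether a script like this is actually secure is how the master password becomes keys and whether tampering is detected before anything is decrypted. The Python below is an added example, not the script described above: scrypt stretches the master password into separate encryption and MAC keys, the JSON entry list is protected with encrypt-then-MAC, and decryption verifies the tag before touching the ciphertext. The file layout (a <code>PWDB1</code> tag, 16-byte salt, 16-byte nonce, 32-byte tag, ciphertext), the scrypt cost and the use of an HMAC-SHA256 counter-mode keystream are assumptions made so the example runs with the standard library only; in a real tool prefer AES-GCM from the cryptography package over this keystream.</p>

```python
# Added example: password database with scrypt KDF and encrypt-then-MAC.
import hashlib
import hmac
import json
import os
import struct

MAGIC = b"PWDB1"                 # assumed file tag
SALT_LEN = NONCE_LEN = 16
TAG_LEN = 32
SCRYPT = dict(n=2 ** 14, r=8, p=1)  # assumed cost; raise n on capable hardware


def derive_keys(master, salt):
    """Stretch the master password into an encryption key and a separate MAC key."""
    km = hashlib.scrypt(master, salt=salt, dklen=64, **SCRYPT)
    return km[:32], km[32:]


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode as a PRF keystream (stdlib stand-in for AES-CTR)."""
    blocks = [hmac.new(key, nonce + struct.pack("!Q", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_db(master, entries):
    """entries: dict name -> password. Returns MAGIC||salt||nonce||tag||ciphertext."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = derive_keys(master, salt)
    plaintext = json.dumps(entries).encode()
    ciphertext = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    # The tag covers everything the decryptor will rely on, header included.
    tag = hmac.new(mac_key, MAGIC + salt + nonce + ciphertext, hashlib.sha256).digest()
    return MAGIC + salt + nonce + tag + ciphertext


def decrypt_db(master, blob):
    """Verify first, decrypt second. Raises ValueError on a wrong password or tampering."""
    h = len(MAGIC)
    if not blob.startswith(MAGIC) or len(blob) < h + SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("not a password database")
    salt = blob[h:h + SALT_LEN]
    nonce = blob[h + SALT_LEN:h + SALT_LEN + NONCE_LEN]
    tag = blob[h + SALT_LEN + NONCE_LEN:h + SALT_LEN + NONCE_LEN + TAG_LEN]
    ciphertext = blob[h + SALT_LEN + NONCE_LEN + TAG_LEN:]
    enc_key, mac_key = derive_keys(master, salt)
    expected = hmac.new(mac_key, MAGIC + salt + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong master password or corrupted database")
    return json.loads(xor(ciphertext, keystream(enc_key, nonce, len(ciphertext))))


def get_password(master, blob, name):
    """Retrieve one entry from the bytes of an existing database file."""
    return decrypt_db(master, blob).get(name)


if __name__ == "__main__":
    master = b"correct horse battery staple"   # constructed; read with getpass in a real tool
    db = encrypt_db(master, {"mail": "hunter2", "vpn": "p@ss"})
    print(len(db), "bytes on disk;", get_password(master, db, "vpn"))
```

<p>Read the master password with <code>getpass.getpass()</code> rather than from <code>argv</code>, which leaks into process listings and shell history. A fresh salt and nonce per write means two saves of the same database never produce the same bytes, and the same HMAC failure covers both a wrong password and a modified file, so the script should not try to distinguish them.</p>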
<p style="text-align: center;"><a href="http://1.bp.blogspot.com/-Eb1ngQXSYFs/YUOxfKGrtdI/AAAAAAAAvAM/kvv1AGXrZ64I7ehBqzTL1k0IlVJF16HWQCK4BGAYYCw/s1600/dirsearch_1_babygopher-badge-790842.png"><img alt="" border="0" id="BLOGGER_PHOTO_ID_7008640593965069778" src="http://1.bp.blogspot.com/-Eb1ngQXSYFs/YUOxfKGrtdI/AAAAAAAAvAM/kvv1AGXrZ64I7ehBqzTL1k0IlVJF16HWQCK4BGAYYCw/s320/dirsearch_1_babygopher-badge-790842.png" /></a></p><br /> <p>This software is a Go implementation of the original <a href="https://github.com/maurosoria/dirsearch" rel="nofollow" target="_blank" title="dirsearch tool">dirsearch tool</a> written by <code>Mauro Soria</code>. DirSearch is the very first tool I wrote in Go, mostly to play and experiment with Go's concurrency model, channels, and so forth :)</p><p><span></span></p><a name='more'></a> <p></p><span style="font-size: large;"><b>Purpose</b></span><br /> <p>DirSearch takes an input URL (<code>-url</code> parameter) and a wordlist (<code>-wordlist</cod...
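<p>The URL-plus-wordlist loop described above, run through a bounded worker pool with a status-code filter, as an added Python example (this is not the Go project's code). The probe function is injectable so the scanner can be exercised offline against a fake server; the wildcard calibration (probing a random path first and discarding whatever status it returns) and the "interesting" status set are assumptions, as are the host and paths in the demo.</p>

```python
# Added example: concurrent directory brute-forcing with wildcard calibration.
import secrets
import urllib.error
import urllib.request
from concurrent.futures import ThreadPoolExecutor
from urllib.parse import urljoin

INTERESTING = (200, 204, 301, 302, 307, 401, 403)  # assumed default filter


def http_status(url, timeout=5.0):
    """Probe one URL over the network; return the HTTP status, or None on a transport error."""
    req = urllib.request.Request(url, headers={"User-Agent": "dirsearch-example"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code          # 403/404/500 etc. are still answers
    except (urllib.error.URLError, OSError):
        return None


def dirsearch(base_url, wordlist, extensions=("",), workers=10, fetch=http_status,
              interesting=INTERESTING):
    """Probe base_url/<word><ext> with `workers` threads; return {path: status} for hits."""
    base = base_url.rstrip("/") + "/"
    # Wildcard / soft-404 calibration: a server that answers 200 for a random
    # path would otherwise turn every word into a false positive.
    baseline = fetch(urljoin(base, secrets.token_hex(8)))
    wanted = set(interesting) - {baseline}
    paths = [word + ext for word in wordlist for ext in extensions]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        statuses = pool.map(lambda path: fetch(urljoin(base, path)), paths)
        return {path: status for path, status in zip(paths, statuses) if status in wanted}


if __name__ == "__main__":
    # Constructed offline target: only two paths "exist".
    fake_site = {"https://target.test/admin": 301, "https://target.test/robots.txt": 200}
    print(dirsearch("https://target.test", ["admin", "secret", "robots"],
                    extensions=("", ".txt"),
                    fetch=lambda url, timeout=5.0: fake_site.get(url, 404)))
```

<p>Bounding the pool is what keeps the scan from becoming the DoS it is probing for; ten workers is a conservative assumed default, and a wordlist with extensions multiplies the request count, so size the pool against the target, not the list.</p>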